<?php
define("USER_LOGGED",1);
define("USER_NOTLOGGED",0);
define("USER_LOGGEDBUTNOTREGISTERED",2);
class user extends objeto{
	var $id;
	var $_tabla="usuarios";
	function user($id=0){
		$this->id=$id;
	}
	function loginwithtwitter($datos){
		global $core;
	    $db=&$core->getDB();
	    $con=&$db->getConexion();
		if($this->id){
			$this->set("tw_token",$datos["oauth_token"]);
			$this->set("tw_token_secret",$datos["oauth_token_secret"]);
			$this->set("tw_id",$datos["user_id"]);
			$this->set("tw_name",$datos["screen_name"]);
			return USER_LOGGED;
		}
		else {
			$q="select `id` from `".$this->_tabla."`
			where `tw_id`='".$datos["user_id"]."' limit 1";
			$r=mysql_query($q);
			$i=mysql_fetch_array($r,MYSQL_ASSOC);
			if($i["id"]){
				$login=$this->forceLogin($i["id"]);
				if($login){
					$this->set("tw_token",$datos["oauth_token"]);
					$this->set("tw_token_secret",$datos["oauth_token_secret"]);
					$this->set("tw_id",$datos["user_id"]);
					$this->set("tw_name",$datos["screen_name"]);
				}
				return $login;
			}
			else {
				$_SESSION["tw_token"]=$datos["oauth_token"];
				$_SESSION["tw_token_secret"]=$datos["oauth_token_secret"];
				$_SESSION["tw_id"]=$datos["user_id"];
				$_SESSION["tw_name"]=$datos["screen_name"];
				return USER_LOGGEDBUTNOTREGISTERED;
			}
		}
	}
	function loginFacebook($code){
		global $core;
	    $db=&$core->getDB();
	    $con=&$db->getConexion();
		$facebook=&$core->getApp("facebook");
		$data=$facebook->getData($code["access_token"]);
		if($this->id){
			$this->set("fb_id",$data->id);
			$this->set("fb_token",$code["access_token"]);
			$this->set("fb_expire",$code["expires"]);
			return USER_LOGGED;
		}
		else {
			$q="select `id` from `".$this->_tabla."`
			where `fb_id`='".$data->id."' limit 1";
			$r=mysql_query($q);
			$i=mysql_fetch_array($r,MYSQL_ASSOC);
			if($i["id"]){
				$login=$this->forceLogin($i["id"]);
				if($login){
					$this->set("fb_id",$data->id);
					$this->set("fb_token",$code["access_token"]);
					$this->set("fb_expire",$code["expires"]);
				}
				return $login;
			}
			else {
				$_SESSION["fb_id"]=$data->id;
				$_SESSION["fb_email"]=$data->email;
				$_SESSION["fb_name"]=$data->name;
				$_SESSION["fb_token"]=$code["access_token"];
				$_SESSION["fb_expire"]=$code["expires"];
				$_SESSION["fb_data"]=$data;
				return USER_LOGGEDBUTNOTREGISTERED;
			}
			
		}
	}
	function loginWithCookie($key){
		global $config;
		if(array_key_exists($key, $_COOKIE)&&array_key_exists(md5($config->defaults["secretword"]), $_SESSION)&&$_COOKIE[$key]==md5($_SESSION[md5($config->defaults["secretword"])])){
			return $this->forceLogin($_SESSION[md5($config->defaults["secretword"])]);
		}
	}
	function loginWidthCredentials($us,$pass){
		global $core;
	    $db=&$core->getDB();
	    $con=&$db->getConexion();
		//$pass=md5("ERP".$pass);
		$q="select `id` from `".$this->_tabla."` 
			where `user`='".mysql_real_escape_string($us)."'
				and `password`='".mysql_real_escape_string($pass)."'
			limit 1";
		$r=mysql_query($q);
		$i=mysql_fetch_array($r,MYSQL_ASSOC);
		if($i["id"]){
			return $this->forceLogin($i["id"]);
		}
		
	}
	function loginWithToken($token){
		global $core;
	    $db=&$core->getDB();
	    $con=&$db->getConexion();
		$q="select `id` from `".$this->_tabla."` where `token`='".mysql_real_escape_string($token)."' and `token_expire`>now() limit 1";
		$r=mysql_query($q);
		$i=mysql_fetch_array($r,MYSQL_ASSOC);
		if($i["id"]){
			return $this->forceLogin($i["id"]);
		}
	}
	function getNewToken(){
		global $core;
	    $db=&$core->getDB();
	    $con=&$db->getConexion();
		$expire=time()+604800;
		$token=md5($this->id."user".$expire);
		$q="update `".$this->_tabla."` set `token`='$token', `token_expire`='".date("Y-m-d H:i:s",$expire)."'";
		mysql_query($q);
		return array(
			"token"=>$token,
			"token_expire"=>$expire
			);
	}
	function forceLogin($id){
		global $core,$config;
	    $db=&$core->getDB();
	    $con=&$db->getConexion();
		$q="select  `id` from `".$this->_tabla."` where `id`='".mysql_real_escape_string($id)."' limit 1";
		$r=mysql_query($q);
		if(!mysql_num_rows($r)){
			return USER_NOTLOGGED;
		}
		
		if(session_id()){
			session_destroy();
			}
		
		session_start();
		
		$_SESSION["logged"]=true;
		$_SESSION[md5($config->defaults["secretword"])]=$id;
		setcookie(md5($config->defaults["secretword"]),md5($id));
		$this->logged=true;
		$this->id=$id;
		
		$q="update `".$this->_tabla."` set `last_login`=now() where `id`='".mysql_real_escape_string($id)."' limit 1";
		mysql_query($q);
		return USER_LOGGED;
	}
	function logout(){
		$_SESSION["logged"]=false;
		$_SESSION[md5($config->defaults["secretword"])]=0;
		session_destroy();
		setcookie(md5($config->defaults["secretword"]),0,time()-1);
		return true;
	}
}
